Usage subject to Terms and Conditions

All posts by

Slight Snyk Layoffs Reinforce Trend: Lacking IPO Options, Cybersecurity Startups Cut Jobs

Read the original article at https://www.msspalert.com/cybersecurity-news/slight-snyk-layoffs-reinforce-trend-lacking-ipo-options-cybersecurity-startups-cut-jobs/

Snyk layoffs impact small portion of cybersecurity company staff. Lacking near-term IPO option, multiple cybersecurity startups reduce their cash burn rates.

The post Slight Snyk Layoffs Reinforce Trend: Lacking IPO Options, Cybersecurity Startups Cut Jobs appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-news/slight-snyk-layoffs-reinforce-trend-lacking-ipo-options-cybersecurity-startups-cut-jobs/

10 Most Read MSSP News Stories: Week Ended 01 July 2022

Read the original article at https://www.msspalert.com/top-10/most-read-01-july-2022/

This week’s most read managed security services news involved Avertium, Black Basta Ransomware Atacks, Cybereason, Lumen Technologies, SentinelOne, Torq, WatchGuard and more.

The post 10 Most Read MSSP News Stories: Week Ended 01 July 2022 appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/top-10/most-read-01-july-2022/

Atos Wins Deal to Refresh NATO Mission Critical Systems

Read the original article at https://www.msspalert.com/cybersecurity-news/atos-wins-deal-to-refresh-nato-mission-critical-systems/

The NATO Communications and Information Agency has awarded French IT conglomerate Atos a 1.2 million euro contract to install and configure mission critical cybersecurity capabilities and systems at 22 NATO sites.

The post Atos Wins Deal to Refresh NATO Mission Critical Systems appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-news/atos-wins-deal-to-refresh-nato-mission-critical-systems/

Cyware and CyberQ Group Join Forces in Asia Pacific

Read the original article at https://www.msspalert.com/cybersecurity-markets/asia-pacific/cyware-and-cyberq-group-join-forces-in-asia-pacific/

A new partnership between Cyware and CyberQ Group will strengthen cybersecurity capabilities in the Asia Pacific region, the companies jointly announced.

The post Cyware and CyberQ Group Join Forces in Asia Pacific appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-markets/asia-pacific/cyware-and-cyberq-group-join-forces-in-asia-pacific/

Coalition Partners with Allianz to Strengthen Cyber Insurance Offerings

Read the original article at https://www.msspalert.com/cybersecurity-news/coalition-partners-with-allianz-to-strengthen-cyber-insurance-offerings/

Coalition, the world’s first Active Insurance company, is strengthening its cyber insurance program through a new multi-year partnership with global insurer Allianz.

The post Coalition Partners with Allianz to Strengthen Cyber Insurance Offerings appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-news/coalition-partners-with-allianz-to-strengthen-cyber-insurance-offerings/

CISA Adds One Known Exploited Vulnerability to Catalog

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2022/07/01/cisa-adds-one-known-exploited-vulnerability-catalog

Original release date: July 1, 2022

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates.

Note: CISA previously added and then removed today’s addition, CVE-2022-26925, to the KEV Catalog after determining that remediations associated with this vulnerability would break certificate authentication for many federal agencies. Details:

  • CVE-2022-26925 was mitigated by Microsoft’s June 2022 Patch Tuesday update. 
  • The Microsoft update also includes remediations for CVE-2022-26923 and CVE-2022-26931, which change the way certificates are mapped to accounts in Active Directory. These changes break certificate authentication for many federal agencies.
  • For this reason, CISA has also published a Knowledge Article that provides critical steps that must be followed to prevent service outages. Agencies should review this Knowledge Article carefully before beginning the mitigation process.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known CVEs that carry significant risk to the federal enterprise. BOD 22-01 requires FCEB agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.    
  
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the Catalog that meet the specified criteria.    

This product is provided subject to this Notification and this Privacy & Use policy.

Read the original article at https://us-cert.cisa.gov/ncas/current-activity/2022/07/01/cisa-adds-one-known-exploited-vulnerability-catalog

[New FBI and CISA Alert] This ransomware strain uses RDP flaws to hack into your network

Read the original article at https://blog.knowbe4.com/new-fbi-and-cisa-alert-this-ransomware-strain-uses-rdp-flaws-to-hack-into-your-network

As of May 2022, MedusaLocker has been observed predominantly exploiting vulnerable Remote Desktop Protocol (RDP) configurations to access victims’ networks, according to a new joint Cybersecurity Advisory (CSA) from the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and other law enforcement agencies.

Read the original article at https://blog.knowbe4.com/new-fbi-and-cisa-alert-this-ransomware-strain-uses-rdp-flaws-to-hack-into-your-network

Cyberattacks Gain Steam in Early ’22: Tetra Defense Report

Read the original article at https://www.msspalert.com/cybersecurity-research/cyberattacks-gain-steam-in-early-22-tetra-defense-report/

There appears to be no slowing down of cyberattacks during the first quarter of 2022, says Tetra Defense, an Arctic Wolf company, in its quarterly Incident Response Insights report.

The post Cyberattacks Gain Steam in Early ’22: Tetra Defense Report appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-research/cyberattacks-gain-steam-in-early-22-tetra-defense-report/

Military Veteran to Lead New York’s Cybersecurity Operation

Read the original article at https://www.msspalert.com/cybersecurity-news/military-veteran-to-lead-new-yorks-cybersecurity-operation/

New York Governor Kathy Hochul taps Colin Ahern to helm the the state’s new Joint Security Operations Center.

The post Military Veteran to Lead New York’s Cybersecurity Operation appeared first on MSSP Alert.

Read the original article at https://www.msspalert.com/cybersecurity-news/military-veteran-to-lead-new-yorks-cybersecurity-operation/

Celebrity Crypto Scams Just Keep on Getting Worse

Read the original article at https://blog.knowbe4.com/celebrity-crypto-scams-just-keep-on-getting-worse

Bloomberg News recently reported that fake celebrity-endorsed crypto scams have doubled in the UK this year, and on average scammed victims out of $14,540 in stolen value before they realize what happened, which is 65% higher than the average crypto scam theft from the previous year. The article’s source expects celebrity-endorsed crypto scams to increase another 87% next year based on current rising trends.

Read the original article at https://blog.knowbe4.com/celebrity-crypto-scams-just-keep-on-getting-worse